Ok so first of all that's called SQL INJECTION. The
' tries to open/close a string in your mysql query. Try automate your code using PDO. Now for that error look into your php code and you can do this and see if it works.
instead of this:
PHP Code:
"VALUES ('$your_value') "
use this:
PHP Code:
"VALUES ('". mysql_real_escape_string($your_value) ."') "